Splunk Enterprise Vulnerability: Risky SPL Commands in Dashboard Examples Hub
CVE-2024-29946
8.1 HIGH
Summary
In Splunk Enterprise versions earlier than 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub contains a security vulnerability that allows unsafe SPL commands to be executed without proper safeguards. An attacker can exploit this vulnerability by tricking a user into initiating a specially crafted request, potentially leading to unauthorized actions that compromise system integrity. Organizations using affected versions should apply the necessary security measures to protect against such attacks.
Affected Version(s)
Splunk Cloud Platform - < 9.1.2312.104
Splunk Cloud Platform - < 9.1.2308.205
Splunk Enterprise 9.2 < 9.2.1
CVSS V3.1
Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Timeline
- First article discovered by CybersecurityNews
- Vulnerability published